Leadership

Our Team

Koby Noguchi

Founder, CEO and Principal Cyber Threat Intelligence Analyst

Cyber Threat Intelligence Analyst focused on safeguarding both Enterprise and Critical National Infrastructure against Advanced Persistent Threats. Knowledge base includes a foundation of CTI writing, threat hunting over email, network and file systems, OSINT gathering and basic Web Penetration Testing.

Keeps up to date with CTI feeds to better understand the ever-evolving threat landscape in Operational Technology and Critical Network Infrastructure. Contributes to organizational security posture by delivering a variety of security products around intelligence reporting as well as hypothesis-based and tactical threat hunts.

Regularly collaborates with cross-functional teams to analyze indicators of compromise, verify that appropriate threat detection is in place, and deploy effective countermeasures. Ethical hacker on ProjectDiscovery, HackerOne & Bugcrowd.

Cyber Threat Intelligence

Researched and crafted intelligence reports around Nation State APTs and eCrime groups targeting Energy, Government, Military and US/UK Infrastructure. Conducted research and provided recommendations for tactical as well as hypothesis-based threat hunts for different vulnerabilities, malware injection techniques & the latest CVEs.

Intelligence Products

  • Threat Alerts & Advisories
  • Vendor Threat Assessments
  • Weekly & Monthly Intelligence Reports

Threat Hunts

  • Tactical hunts on Russian and Chinese APT IOCs/TTPs
  • Hypothesis hunts with open-ended security problems

Governance, Risk & Compliance

Worked with various business units to verify vendor compliance with Baseline Security Requirements. Provided security direction to projects and communicated requirements to both technical and non-technical stakeholders. Researched and wrote corporate policy for data sanitization across decommissioned devices and legacy media storage.

  • Evaluated vendor compliance with SOC2 and ISO27001 reports for alignment with NERC CIP, HIPAA, and state/federal legislation
  • Defined baseline security requirements for solution effectiveness in production
  • Prioritized and remediated vulnerabilities based on risk assessment
  • Gathered evidence to verify service integration and documented compliance

SANS Training

SEC595

Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

FOR578

Cyber Threat Intelligence